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REMARKS 

This Amendment and the following remarks are intended to fully respond to the Office 
Action mailed May 10, 2007. In this Response, claims 1, 4, 8, 13, and 23 have been amended; 
claims 6, 19-22, and 27 have been canceled; and claims 28 and 29 have been added. Therefore, 
claims 1-5, 7-19, and 23-26, 28 & 29 remain present for examination. No new matter has been 
added. 

Objection to Abstract 

The Examiner objected to the Abstract of the Disclosure because it exceeded 150 words. 
A new abstract containing fewer than 150 words has been substituted. Withdrawal of the 
Examiner's objection to the Abstract is respectfully requested. 

Objection to Oath or Declaration 

The oath or declaration is objected to according to PTO form 326; however, no 
explanation of the objection is provided in the Office Action. Further explanation or withdrawal 
of the objection is respectfully requested. 

Objection to Claims 4 & 8 

Claims 4 & 8 were objected to for typographical errors. Claims 4 and 8 have been 
amended as suggested by the Examiner. Withdrawal of this rejection is respectfully requested. 

Rejection Under 35 USC 101 

Claim 27 was objected to under 35 USC § 101. Claim 27 has been canceled. 

Rejections Under 35 USC § 102 

Claims 1-3, 6, 7, 10-14, 18, 23 and 24 are rejected under 35 USC 102(e) as being 
anticipated by the Conrad Herrmann et al. publication (2004/0107360, hereinafter "Herrmann"). 

Herrmann discloses a system and method for policy enforcement that is fundamentally 
different in architecture from the claimed system and methods. In Herrmann, a client attempts to 
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access a protected network resource through a network access server (NAS). See Herrmann Fig. 
4. The NAS contacts a policy server (460) through a proxy server and an integrity gateway 
server (IGW) that acts as a translator for the policy server. The policy request is sent back 
through the NAS to the client requesting information about the client. The response to that 
request is again routed to the policy server. If the response is satisfactory, the policy server 
informs the NAS directly, and the NAS permits access by the client to the protected network 
resource. See Herrmann paras. 0096-0097. 

By contrast, amended claim 1 requires, inter alia: 

a first server for providing the client with a manifest of checks, and if 
the manifest of checks is passed by the client, for providing the client proof that 
the client possesses a required configuration; 
See claim 1, emphasis added. 

The policy server of Herrmann provides an indication to the NAS that the client is to be 
given access, but no proof of a required configuration is provided to the client. Among other 
reasons, this is disadvantageous because the client in Herrmann cannot reuse the any proof of 
policy satisfaction in future attempts to access the protected network resource. Accordingly, 
Herrmann fails to teach every element of amended claim 1, and withdrawal of the Examiner's 
rejection of claim 1 is respectfully requested. 

Similarly, amended claim 13 requires, inter alia, receiving at the client proof of the 
required configuration from the first server ; and sending from the client the proof of the required 
configuration to the second server . As discussed, in Herrmann, the policy server sends approval 
or denial of access to the NAS directly. No "proof of a required configuration" is ever received 
from the policy server at the client. Nor does the client send the proof of the required 
configuration to the NAS. As such, Herrmann also fails to teach every element of amended 
claim 13, and withdrawal of the Examiner's rejection of claim 13 is respectfully requested. 

Herrmann also fails to anticipate every element of claim 23, which requires, inter alia: 

receiving at a first server a request for access to the network resource from 
the client; 
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receiving at the first server proof from the client of a required 
configuration; 

validating at the first server the proof by comparing the proof to 
information obtained from a trusted server; 
See claim 23, emphasis added. 

There is no server in Herrmann that receives a request for access to a network resource, 
receives proof from the client of a required configuration, and validates the proof by comparing 
the proof to information obtained from a trusted server. Again, Herrmann is fundamentally 
different in architecture. The NAS receives the request from the client for network access, the 
policy server performs validation (without comparison to information from any "trusted server"), 
and the NAS receives a message from the policy server whether to permit network access. As 
such, Herrmann fails to teach every element of claim 23, and withdrawal of the Examiner's 
rejection of claim 23 is respectfully requested. 

Claims 2-3, 6, 7, 10-12, 14, 18, and 24 all depend from one of claims 1, 13, or 23 
discussed above and are allowable for at least the reasons discussed with respect to those claims. 
In addition, new claims 28 and 29 are allowable for at least the reasons noted above. 

Rejections Under 35 USC § 103(a) 

Claims 4, 5, 15, 16, 19-22 and 25 are rejected under 35 USC 103(a) as being unpatentable 
over Herrmann in view of Yoko Saito et al. (US Patent No. 6,275,941) (hereinafter "Saito"). 

Claims 19-22 have been canceled. Claims 4, 5, 15, 16, and 25 all depend from one of 
claims 1, 13, or 23 discussed above and are allowable for at least the reasons discussed with 
respect to those claims. 

Claims 8, 9, 17, 26 and 27 are rejected under 35 USC 103(a) as being unpatentable over 
Herrmann and in further view of Saito and Jingsha He et al., US Patent No. 6,088,45 1 
(hereinafter "He"). 
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Claim 27 has been canceled. Further, claims 8, 9, 17, and 26 depend on one of the 
independent claims 1, 13, or 23 discussed above and are allowable for at least the reasons 
discussed with respect to those claims. 

Neither Saito nor He make up for the deficiencies of Herrmann noted above. Each of 
Saito and He are directed to a system for performing user authentication and have nothing to do 
with validating the configuration of a client machine. 



In light of the above remarks and amendments, it is believed that the application is now 
in condition for allowance and such action is respectfully requested. Should any additional 
issues need to be resolved, the Examiner is requested to telephone the undersigned to attempt to 
resolve those issues. 

It is believed that no further fees are due with this Response. However, the 
Commissioner is hereby authorized to charge any deficiencies or credit any overpayment with 
respect to this patent application to deposit account number 13-2725. 



CONCLUSION 



Respectfully submitted, 
MERCHANT & GOULD P.C. 
P.O. Box 2903 

Minneapolis, Minnesota 55402-0903 



Date: November 13, 2007 
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